Entry Xie:2008:TMS from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Xie:2008:TMS,
  author =       "Mengjun Xie and Heng Yin and Haining Wang",
  title =        "Thwarting {E}-mail Spam Laundering",
  journal =      j-TISSEC,
  volume =       "12",
  number =       "2",
  pages =        "13:1--13:??",
  month =        dec,
  year =         "2008",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/1455518.1455525",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Tue Dec 23 11:58:14 MST 2008",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "Laundering e-mail spam through open-proxies or
                 compromised PCs is a widely-used trick to conceal real
                 spam sources and reduce spamming cost in the
                 underground e-mail spam industry. Spammers have plagued
                 the Internet by exploiting a large number of spam
                 proxies. The facility of breaking spam laundering and
                 deterring spamming activities close to their sources,
                 which would greatly benefit not only e-mail users but
                 also victim ISPs, is in great demand but still missing.
                 In this article, we reveal one salient characteristic
                 of proxy-based spamming activities, namely packet
                 symmetry, by analyzing protocol semantics and timing
                 causality. Based on the packet symmetry exhibited in
                 spam laundering, we propose a simple and effective
                 technique, DBSpam, to online detect and break spam
                 laundering activities inside a customer network.
                 Monitoring the bidirectional traffic passing through a
                 network gateway, DBSpam utilizes a simple statistical
                 method, Sequential Probability Ratio Test, to detect
                 the occurrence of spam laundering in a timely manner.
                 To balance the goals of promptness and accuracy, we
                 introduce a noise-reduction technique in DBSpam, after
                 which the laundering path can be identified more
                 accurately. Then DBSpam activates its spam suppressing
                 mechanism to break the spam laundering. We implement a
                 prototype of DBSpam based on {\em libpcap}, and
                 validate its efficacy on spam detection and suppression
                 through both theoretical analyses and trace-based
                 experiments.",
  acknowledgement = ack-nhfb,
  articleno =    "13",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "proxy; Spam; SPRT",
}

Related entries

accuracy, 2(3)295, 11(2)2, 12(1)4, 12(3)17, 13(4)35, 13(4)38, 15(2)7, 15(3)12, 15(4)17, 17(3)12, 18(4)12
accurately, 2(3)295, 10(4)1, 11(3)12, 12(3)17, 18(2)7, 18(4)12
activate, 10(4)2
activity, 2(1)65, 11(4)20, 12(1)4, 15(4)17, 16(4)14, 17(3)12
analyse, 13(3)26, 16(4)17, 17(2)7, 17(4)16
analyzing, 5(4)458, 7(2)274, 11(4)17, 12(3)19, 14(1)13, 16(4)17, 18(4)12
article, 10(1)3, 11(1)3, 11(1)4, 11(2)5, 11(3)12, 11(3)14, 11(3)15, 11(3)16, 11(4)20, 11(4)22, 11(4)23, 12(1)1, 12(1)2, 12(1)4, 12(1)6, 12(2)8, 12(2)10, 12(3)14, 12(3)16, 12(3)17, 12(3)19, 12(4)21, 12(4)22, 13(3)22, 13(3)24, 13(3)25, 13(3)27, 13(3)28, 13(4)29, 13(4)31, 13(4)32, 13(4)34, 13(4)36, 13(4)41, 14(1)2, 14(1)3, 14(1)4, 14(1)10, 14(1)13, 14(1)14, 14(3)23, 14(3)25, 14(4)30, 15(2)9, 15(2)10, 15(3)11, 15(3)12, 15(3)13, 15(4)15, 15(4)16, 15(4)17, 16(1)1, 16(1)4, 16(2)6, 16(2)7, 16(2)8, 16(3)10, 16(4)14, 16(4)15, 17(2)8, 17(3)9, 17(3)11, 17(3)12, 17(4)13, 17(4)16, 18(1)3, 18(2)5, 18(2)7, 18(3)9, 18(3)10, 18(3)11, 18(4)12, 18(4)14
balance, 17(1)4, 17(3)11
based, 1(1)3, 2(1)34, 2(2)177, 2(3)230, 2(3)295, 2(3)332, 3(3)161, 7(2)319, 9(2)162, 9(2)181, 9(4)421, 10(1)2, 10(1)4, 10(2)6, 11(1)3, 11(2)1, 11(2)4, 11(3)12, 11(3)15, 11(4)17, 11(4)18, 12(1)1, 12(1)4, 12(3)16, 12(3)17, 12(3)18, 13(3)24, 13(3)27, 13(3)28, 13(4)29, 13(4)30, 13(4)31, 13(4)41, 14(1)3, 14(1)4, 14(1)8, 14(1)9, 14(1)10, 14(4)30, 15(2)6, 15(2)7, 15(3)13, 16(2)8, 16(4)16, 17(1)3, 17(2)7, 17(3)12, 17(4)13, 17(4)14, 17(4)15, 17(4)16, 18(1)1, 18(1)4, 18(3)10, 18(3)11, 18(4)14
benefit, 9(2)181, 9(4)461, 10(1)3, 10(3)11, 10(4)4, 11(4)20, 11(4)23, 13(4)31, 14(1)7, 14(1)9, 16(1)1, 16(3)11
bidirectional, 18(2)7
both, 1(1)26, 1(1)93, 2(1)65, 2(4)416, 9(2)181, 10(1)4, 10(3)12, 11(1)3, 11(1)4, 11(2)2, 11(3)14, 11(3)15, 11(3)16, 11(4)22, 12(1)2, 12(3)15, 12(4)20, 13(4)30, 13(4)33, 14(3)24, 15(1)5, 15(2)10, 15(3)11, 15(3)13, 16(1)4, 16(2)5, 16(3)10, 16(4)17, 17(3)9, 18(1)1, 18(4)13, 18(4)14
break, 2(4)416, 13(3)22, 13(4)41, 16(3)10
breaking, 7(2)206, 7(2)319, 12(2)9
characteristic, 2(4)416, 11(4)17, 13(4)30, 13(4)32, 17(1)1, 18(4)12
close, 11(4)18, 13(3)22
compromised, 2(3)332, 10(4)6, 11(3)12, 11(3)15, 11(4)18, 13(4)30, 13(4)38, 15(1)5
conceal, 12(4)22
cost, 4(1)72, 9(4)461, 11(4)20, 13(3)22, 14(1)2, 14(1)12, 14(2)17, 16(4)16, 17(3)11, 18(1)2, 18(2)5, 18(2)7
customer, 2(4)354, 11(1)4
demand, 15(2)10, 17(1)4, 18(2)5
detect, 2(3)295, 10(4)6, 11(3)14, 11(3)15, 12(2)10, 12(2)11, 12(3)19, 14(1)13, 15(2)6, 16(2)5, 16(4)14, 17(4)16, 18(2)7, 18(3)9
detection, 2(2)159, 2(3)295, 3(1)1, 3(3)186, 3(4)227, 3(4)262, 4(4)407, 5(3)203, 6(2)173, 6(4)443, 7(4)591, 9(1)61, 10(1)4, 11(2)2, 11(3)12, 11(3)15, 11(4)19, 11(4)20, 12(2)11, 12(2)12, 12(4)22, 13(2)12, 13(4)30, 14(1)13, 14(3)27, 15(2)6, 15(3)11, 15(4)17, 17(4)13, 17(4)15, 18(1)2, 18(2)7, 18(3)9
deterring, 13(2)18
e-mail, 2(4)390
effective, 2(3)269, 9(2)113, 9(4)391, 10(1)4, 11(3)12, 11(4)22, 12(2)10, 12(4)22, 15(3)12, 15(4)16, 17(1)3, 17(4)13, 18(1)1, 18(4)12
efficacy, 12(4)22, 13(4)35, 15(1)5, 18(3)11
experiment, 10(4)1, 10(4)4, 11(2)5, 11(3)12, 11(4)22, 13(3)28, 15(4)15, 16(2)6, 16(3)10, 16(3)11, 16(4)14, 17(3)12, 17(4)15, 18(3)11
exploiting, 13(3)22, 14(3)24, 15(3)14, 17(3)9
facility, 16(4)17
gateway, 10(3)11, 15(2)6
goal, 2(3)332, 17(4)13
greatly, 9(4)391, 11(2)3, 12(4)21
have, 1(1)66, 1(1)93, 2(1)65, 2(2)138, 2(3)230, 2(3)269, 10(1)2, 10(1)4, 10(2)5, 10(3)10, 10(3)12, 10(4)4, 10(4)5, 10(4)6, 11(1)2, 11(2)1, 11(2)5, 11(3)15, 11(3)16, 11(4)17, 11(4)18, 11(4)21, 12(1)1, 12(1)2, 12(2)10, 12(3)15, 12(3)16, 12(3)17, 12(4)20, 13(3)20, 13(3)26, 13(3)27, 13(3)28, 13(4)32, 13(4)36, 13(4)39, 13(4)40, 14(1)6, 14(1)7, 14(1)10, 14(1)13, 14(1)14, 14(3)27, 14(4)28, 14(4)29, 15(2)7, 15(2)9, 15(2)10, 15(3)12, 15(4)18, 16(2)7, 16(2)8, 16(3)10, 16(4)15, 16(4)16, 17(1)3, 17(3)11, 17(3)12, 17(4)13, 17(4)15, 18(1)1, 18(1)3, 18(2)5, 18(2)7, 18(4)13
identified, 13(3)27, 17(3)10
implement, 2(2)177, 9(4)461, 11(1)3, 11(3)14, 11(3)16, 12(1)4, 14(1)6, 14(1)10, 14(3)24, 14(4)31, 15(2)6, 16(2)6, 16(2)8, 16(3)10, 16(4)14, 17(2)6, 17(3)10
industry, 14(4)32, 17(1)1
Internet, 2(3)332, 2(4)390, 7(2)242, 11(2)5, 12(3)17, 13(4)38, 15(3)11, 17(1)4, 17(3)12, 17(4)16
introduce, 1(1)66, 1(1)93, 2(3)230, 2(4)390, 9(2)162, 10(1)2, 10(1)3, 10(4)2, 11(2)5, 11(3)12, 11(4)17, 12(1)1, 12(1)3, 12(1)5, 12(3)14, 12(3)15, 12(4)20, 13(3)24, 13(3)27, 13(4)32, 14(1)3, 14(1)12, 15(1)2, 16(2)7, 16(3)9, 16(3)12, 16(4)17, 17(2)7, 17(3)9
large, 1(1)66, 2(1)65, 9(4)391, 11(1)4, 11(3)15, 13(4)32, 14(1)12, 14(1)13, 14(3)25, 15(1)4, 15(3)14, 15(4)15, 16(2)8, 16(4)14, 17(3)10, 17(3)11, 18(4)14
mail, e-, 2(4)390
manner, 2(1)34, 12(3)14, 14(1)7, 14(3)25, 15(2)10, 18(3)11
mechanism, 2(2)177, 3(1)51, 10(2)8, 10(4)4, 10(4)6, 11(2)5, 11(3)12, 11(3)16, 12(1)4, 12(2)9, 12(2)11, 12(3)15, 12(3)19, 12(4)22, 13(3)21, 13(3)24, 13(3)25, 13(3)28, 13(4)29, 14(1)3, 14(1)11, 14(3)24, 14(3)27, 15(1)5, 15(2)6, 15(2)10, 16(1)3, 16(2)5, 16(3)12, 17(1)3, 17(2)5, 17(3)10, 18(4)14
method, 1(1)3, 1(1)26, 2(2)159, 2(3)295, 2(3)332, 2(4)416, 9(3)259, 10(1)3, 10(3)10, 10(4)4, 10(4)5, 11(2)2, 11(3)16, 11(4)19, 11(4)22, 12(1)2, 12(1)6, 12(3)16, 13(2)15, 13(4)35, 15(1)4, 15(2)10, 15(3)12, 15(4)15, 15(4)17, 17(3)12, 18(3)9
missing, 10(1)2, 16(2)5, 17(1)2
monitoring, 11(2)2, 12(3)19, 13(2)12, 13(4)38, 14(1)13, 15(2)10, 16(1)3, 16(2)7, 16(4)14
more, 2(1)3, 2(1)65, 2(3)332, 9(2)181, 9(4)391, 9(4)421, 9(4)461, 10(1)4, 10(3)9, 10(4)1, 10(4)4, 10(4)6, 11(2)3, 11(2)4, 11(2)6, 11(3)14, 11(4)21, 12(1)1, 12(2)8, 12(2)10, 12(2)12, 12(3)18, 13(1)10, 13(3)20, 13(3)21, 13(3)22, 13(3)28, 13(4)32, 13(4)34, 13(4)39, 14(3)27, 14(4)31, 15(1)2, 15(1)5, 15(2)8, 15(2)9, 15(3)11, 15(3)12, 15(4)16, 16(1)2, 16(2)8, 16(3)10, 16(3)11, 16(4)17, 17(1)2, 17(1)3, 17(3)9, 17(4)14, 17(4)16, 18(1)1, 18(3)11, 18(4)13
namely, 13(1)10, 13(3)26, 17(3)12, 18(1)4, 18(2)5
not, 1(1)26, 2(1)65, 2(2)177, 2(3)230, 2(3)269, 2(4)390, 9(4)421, 10(1)3, 10(4)2, 11(1)3, 11(1)4, 11(2)2, 11(2)4, 11(2)5, 11(3)12, 11(3)13, 11(3)15, 11(3)16, 11(4)19, 11(4)20, 11(4)22, 12(1)1, 12(1)2, 12(1)3, 12(1)6, 12(2)10, 12(2)11, 12(3)14, 12(4)22, 13(1)10, 13(3)28, 13(4)33, 13(4)35, 13(4)36, 13(4)37, 13(4)39, 13(4)40, 14(3)23, 14(3)27, 14(4)28, 14(4)29, 14(4)31, 15(2)6, 15(2)9, 15(2)10, 15(3)12, 15(3)13, 16(1)1, 16(2)5, 16(2)6, 16(3)9, 16(3)12, 16(4)13, 16(4)15, 16(4)16, 17(1)2, 17(3)10, 17(4)15, 18(1)1, 18(3)9, 18(4)13
number, 7(2)319, 9(2)181, 10(1)4, 10(2)5, 10(3)11, 10(3)12, 10(4)5, 11(1)2, 11(2)5, 11(3)12, 11(3)14, 11(3)15, 12(1)1, 12(1)2, 12(1)5, 12(1)6, 12(2)8, 12(2)9, 12(3)16, 12(3)18, 12(4)21, 13(1)10, 13(3)20, 13(3)22, 13(3)25, 13(4)32, 13(4)34, 14(1)11, 14(3)26, 14(4)31, 15(1)4, 15(2)7, 15(2)8, 15(4)15, 16(1)4, 16(2)7, 16(4)14, 16(4)16, 17(3)10, 17(4)16, 18(2)8
one, 1(1)26, 1(1)93, 2(1)3, 2(1)65, 2(3)295, 9(4)461, 10(1)2, 10(2)5, 10(2)8, 10(3)12, 10(4)3, 11(2)6, 11(3)14, 12(1)1, 12(1)5, 12(3)14, 13(3)21, 13(3)25, 13(3)26, 13(3)27, 13(4)41, 14(1)3, 14(1)5, 14(4)30, 14(4)32, 15(2)10, 15(3)11, 15(4)16, 15(4)18, 16(1)3, 16(1)4, 16(3)9, 16(4)14, 17(2)8, 17(4)13, 18(1)1, 18(3)11, 18(4)13
online, 1(1)3, 9(3)235, 11(2)5, 11(4)19, 12(4)22, 13(4)41, 14(1)11, 14(4)32, 15(2)9, 16(2)7, 16(4)14, 17(4)14, 18(1)1, 18(4)13
only, 2(3)230, 2(3)295, 10(4)3, 11(1)3, 11(2)4, 11(3)13, 11(4)20, 12(1)2, 12(1)3, 12(3)19, 12(4)21, 13(1)10, 13(3)25, 13(3)28, 13(4)35, 13(4)37, 13(4)39, 14(1)5, 14(1)11, 14(3)26, 14(4)31, 15(2)9, 15(4)16, 15(4)18, 16(1)3, 16(2)6, 16(2)7, 16(3)9, 16(3)10, 16(4)13, 17(3)9, 17(4)15, 18(2)5, 18(2)8
packet, 2(3)269, 7(2)319, 11(2)2, 11(3)15, 12(2)10, 12(2)11, 12(4)22, 13(4)35, 14(1)5, 14(1)7, 15(2)6, 15(4)16
path, 2(2)138, 8(2)153, 9(4)421, 10(1)3, 10(4)6, 11(2)3, 12(2)10, 12(3)18
probability, 11(3)13, 12(1)5, 15(3)11, 16(3)11, 17(3)9, 17(4)15, 18(1)2
propose, 1(1)26, 2(1)65, 2(2)138, 2(3)269, 9(2)162, 9(4)391, 9(4)421, 10(1)3, 10(1)4, 10(3)12, 10(4)1, 10(4)3, 10(4)4, 10(4)6, 11(1)3, 11(1)4, 11(3)12, 11(3)15, 11(4)18, 11(4)19, 11(4)23, 12(1)4, 12(2)8, 12(2)11, 12(3)18, 13(3)28, 13(4)32, 13(4)36, 13(4)40, 13(4)41, 14(1)5, 14(1)10, 14(1)11, 14(3)24, 14(3)26, 14(4)30, 15(2)7, 15(4)17, 16(1)2, 16(4)15, 16(4)16, 17(1)1, 17(3)10, 17(3)11, 17(3)12, 17(4)13, 17(4)14, 18(1)2, 18(2)7
prototype, 1(1)3, 2(1)34, 10(1)4, 10(4)4, 11(1)2, 11(1)3, 11(4)18, 12(1)4, 13(4)30, 14(1)3, 16(1)1, 16(2)6, 17(2)5
proxy, 9(1)1, 16(2)5
real, 10(1)2, 10(4)1, 10(4)4, 11(2)3, 11(3)16, 11(4)17, 12(2)10, 12(2)11, 13(4)30, 14(4)30, 16(3)10, 16(4)14, 16(4)17, 17(4)16, 18(1)3, 18(3)9, 18(4)12
reduce, 2(3)295, 7(2)319, 9(4)391, 11(3)14, 11(4)17, 12(3)17, 13(3)27, 13(4)40, 14(1)12, 15(3)12, 16(1)4, 16(3)10, 16(4)17, 18(4)12, 18(4)13
reveal, 12(1)6, 13(1)10, 13(4)30, 15(4)17, 17(1)1
semantic, 1(1)93, 10(2)8, 10(4)2, 11(4)21, 12(3)14, 13(2)12, 13(3)21, 13(4)36, 14(3)25, 15(3)13, 16(1)1, 16(2)7, 17(1)2, 17(1)3, 17(2)7
sequential, 11(4)19, 12(1)3, 13(3)21
simple, 2(3)230, 5(3)203, 9(2)181, 10(1)4, 10(3)11, 12(2)9, 12(3)18, 12(4)21, 12(4)22, 13(3)26, 13(4)33, 14(3)27, 15(2)9, 15(4)17, 17(1)2, 18(1)1
source, 1(1)66, 5(3)238, 12(2)11, 13(1)8, 13(3)21, 14(1)8, 14(3)23, 14(3)25, 15(2)6, 15(3)13, 18(4)12
spam, 16(4)14
statistical, 9(1)31, 14(3)27, 15(4)17, 16(2)8
still, 1(1)26, 10(1)2, 11(4)17, 11(4)21, 12(4)20, 13(3)20, 13(3)25, 14(3)27, 17(2)8, 18(2)7
symmetry, 10(4)5
technique, 1(1)3, 2(2)138, 2(3)230, 2(3)295, 2(4)416, 7(2)274, 9(4)391, 9(4)461, 10(2)6, 10(3)9, 10(4)6, 11(2)2, 11(3)12, 11(3)16, 11(4)17, 11(4)18, 11(4)22, 12(1)4, 12(2)11, 12(3)16, 12(3)18, 13(3)22, 13(3)25, 13(3)28, 13(4)32, 13(4)33, 13(4)35, 13(4)36, 13(4)39, 14(1)3, 14(1)5, 14(1)6, 14(1)13, 14(3)24, 14(4)32, 15(1)2, 15(1)5, 15(2)7, 15(2)8, 15(3)12, 15(4)17, 15(4)18, 16(1)2, 16(2)6, 16(2)7, 16(3)11, 16(4)13, 16(4)14, 17(3)9, 17(3)12, 17(4)16, 18(1)2, 18(2)6, 18(3)11
test, 11(4)19, 12(2)10, 16(2)8, 16(4)14
then, 1(1)3, 2(1)3, 2(1)65, 2(2)138, 9(4)461, 10(1)2, 10(1)4, 11(2)4, 11(4)18, 12(2)8, 12(3)18, 12(4)22, 13(1)10, 13(3)22, 13(3)25, 13(4)32, 14(4)30, 14(4)31, 14(4)32, 15(1)4, 15(2)6, 15(3)13, 15(4)18, 16(2)5, 16(2)8, 17(3)9, 17(4)15, 18(1)3, 18(1)4, 18(4)12
theoretical, 11(1)2, 11(3)13, 13(3)27, 16(3)11, 17(3)9
through, 5(4)367, 6(1)1, 9(2)162, 10(3)12, 10(4)2, 10(4)6, 11(2)2, 11(3)12, 11(4)22, 11(4)23, 12(2)8, 13(2)12, 13(3)25, 14(1)13, 15(3)12, 15(4)16, 16(2)5, 16(2)7, 16(3)9, 17(4)14, 18(1)2, 18(2)7, 18(3)11
timely, 18(3)11
timing, 2(4)416, 12(3)17, 12(4)22, 16(1)3, 17(2)8
traffic, 2(3)269, 10(2)8, 11(2)2, 11(2)3, 11(3)14, 12(4)22, 15(2)6, 15(4)16, 17(1)4
utilize, 10(1)3, 10(4)1, 11(4)19, 18(3)11, 18(4)12
validate, 2(3)230, 14(4)32, 15(2)6, 15(3)12, 18(2)7
victim, 15(4)16, 16(4)16, 17(2)8, 18(4)14
Wang, Haining, 18(3)11
would, 2(2)159, 10(4)1, 12(4)22, 13(3)26, 15(2)6, 15(2)10, 16(2)8, 17(3)11, 18(3)9